Помогите разобраться с сыкой котарая испl
-
Это Nat reflection выключен
-
Это Nat reflection выключен
А тепеьрь самое веселое….
Если я его включаю, то у меня локальные сейты так и не работают, а заодно и инет отваливается. Пока он выключен, хоть инет работает. -
Это Nat reflection выключен
А тепеьрь самое веселое….
Если я его включаю, то у меня локальные сейты так и не работают, а заодно и инет отваливается. Пока он выключен, хоть инет работает.Действительно обхохочешься -)
а можно ту же pfctl -sn с включенным Nat reflection? -
Со включеным Nat reflection
$ pfctl -sn
nat-anchor "pftpx/" all
nat-anchor "natearly/" all
nat-anchor "natrules/" all
nat on nfe0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin
nat on ng0 inet from 192.168.200.0/24 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin
nat on nfe0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin
nat on ng0 inet from 192.168.200.0/24 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin
nat on nfe0 inet from 192.168.200.0/24 to any -> (ng0) round-robin
nat on ng0 inet from 192.168.200.0/24 to any -> (ng0) round-robin
nat on nfe0 inet from 192.168.201.96/28 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin
nat on ng0 inet from 192.168.201.96/28 port = isakmp to any port = isakmp -> (ng0) port 500 round-robin
nat on nfe0 inet from 192.168.201.96/28 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin
nat on ng0 inet from 192.168.201.96/28 port = 5060 to any port = 5060 -> (ng0) port 5060 round-robin
nat on nfe0 inet from 192.168.201.96/28 to any -> (ng0) round-robin
nat on ng0 inet from 192.168.201.96/28 to any -> (ng0) round-robin
rdr-anchor "pftpx/" all
rdr-anchor "slb" all
rdr on ng0 inet proto tcp from any to any port = http -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = http -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = http -> 127.0.0.1 port 19000
rdr on ste0 inet proto udp from any to any port = http -> 127.0.0.1 port 19001
rdr on ng0 inet proto tcp from any to any port = 27015 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27015 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27015 -> 127.0.0.1 port 19002
rdr on ste0 inet proto udp from any to any port = 27015 -> 127.0.0.1 port 19003
rdr on ng0 inet proto tcp from any to any port = 27010 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27010 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27010 -> 127.0.0.1 port 19004
rdr on ste0 inet proto udp from any to any port = 27010 -> 127.0.0.1 port 19005
rdr on ng0 inet proto tcp from any to any port = 27011 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27011 -> 127.0.0.1 port 19006
rdr on ng0 inet proto tcp from any to any port = 27040 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27040 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27040 -> 127.0.0.1 port 19007
rdr on ste0 inet proto udp from any to any port = 27040 -> 127.0.0.1 port 19008
rdr on ng0 inet proto tcp from any to any port = 27025 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27025 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27025 -> 127.0.0.1 port 19009
rdr on ste0 inet proto udp from any to any port = 27025 -> 127.0.0.1 port 19010
rdr on ng0 inet proto tcp from any to any port = afs3-prserver -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = afs3-prserver -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = afs3-prserver -> 127.0.0.1 port 19011
rdr on ste0 inet proto udp from any to any port = afs3-prserver -> 127.0.0.1 port 19012
rdr on ng0 inet proto tcp from any to any port = 6003 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 6003 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 6003 -> 127.0.0.1 port 19013
rdr on ste0 inet proto udp from any to any port = 6003 -> 127.0.0.1 port 19014
rdr on ng0 inet proto tcp from any to any port = 27016 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27016 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27016 -> 127.0.0.1 port 19015
rdr on ste0 inet proto udp from any to any port = 27016 -> 127.0.0.1 port 19016
rdr on ng0 inet proto tcp from any to 217.197.240.43 port = 27960 -> 192.168.200.1
rdr on ng0 inet proto udp from any to 217.197.240.43 port = 27960 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to 217.197.240.43 port = 27960 -> 127.0.0.1 port 19017
rdr on ste0 inet proto udp from any to 217.197.240.43 port = 27960 -> 127.0.0.1 port 19018
rdr on ng0 inet proto tcp from any to any port = 27017 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27017 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27017 -> 127.0.0.1 port 19019
rdr on ste0 inet proto udp from any to any port = 27017 -> 127.0.0.1 port 19020
rdr on ng0 inet proto tcp from any to any port = 27018 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27018 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27018 -> 127.0.0.1 port 19021
rdr on ste0 inet proto udp from any to any port = 27018 -> 127.0.0.1 port 19022
rdr on ng0 inet proto tcp from any to any port = 27019 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27019 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27019 -> 127.0.0.1 port 19023
rdr on ste0 inet proto udp from any to any port = 27019 -> 127.0.0.1 port 19024
rdr on ng0 inet proto tcp from any to any port = 27020 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27020 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27020 -> 127.0.0.1 port 19025
rdr on ste0 inet proto udp from any to any port = 27020 -> 127.0.0.1 port 19026
rdr on ng0 inet proto tcp from any to any port = 27030 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27030 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27030 -> 127.0.0.1 port 19027
rdr on ste0 inet proto udp from any to any port = 27030 -> 127.0.0.1 port 19028
rdr on ng0 inet proto tcp from any to any port = 27021 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27021 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27021 -> 127.0.0.1 port 19029
rdr on ste0 inet proto udp from any to any port = 27021 -> 127.0.0.1 port 19030
rdr on ng0 inet proto tcp from any to any port = 27031 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27031 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27031 -> 127.0.0.1 port 19031
rdr on ste0 inet proto udp from any to any port = 27031 -> 127.0.0.1 port 19032
rdr on ng0 inet proto tcp from any to any port = 27022 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27022 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27022 -> 127.0.0.1 port 19033
rdr on ste0 inet proto udp from any to any port = 27022 -> 127.0.0.1 port 19034
rdr on ng0 inet proto tcp from any to any port = 52001 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 52001 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 52001 -> 127.0.0.1 port 19035
rdr on ste0 inet proto udp from any to any port = 52001 -> 127.0.0.1 port 19036
rdr on ng0 inet proto tcp from any to any port = 27032 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27032 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27032 -> 127.0.0.1 port 19037
rdr on ste0 inet proto udp from any to any port = 27032 -> 127.0.0.1 port 19038
rdr on ng0 inet proto tcp from any to any port = 27033 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27033 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27033 -> 127.0.0.1 port 19039
rdr on ste0 inet proto udp from any to any port = 27033 -> 127.0.0.1 port 19040
rdr on ng0 inet proto tcp from any to any port = 27035 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27035 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27035 -> 127.0.0.1 port 19041
rdr on ste0 inet proto udp from any to any port = 27035 -> 127.0.0.1 port 19042
rdr on ng0 inet proto tcp from any to any port = 27036 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27036 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27036 -> 127.0.0.1 port 19043
rdr on ste0 inet proto udp from any to any port = 27036 -> 127.0.0.1 port 19044
rdr on ng0 inet proto tcp from any to any port = 27037 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27037 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27037 -> 127.0.0.1 port 19045
rdr on ste0 inet proto udp from any to any port = 27037 -> 127.0.0.1 port 19046
rdr on ng0 inet proto tcp from any to any port = 27038 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27038 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27038 -> 127.0.0.1 port 19047
rdr on ste0 inet proto udp from any to any port = 27038 -> 127.0.0.1 port 19048
rdr on ng0 inet proto tcp from any to any port = 27039 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27039 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27039 -> 127.0.0.1 port 19049
rdr on ste0 inet proto udp from any to any port = 27039 -> 127.0.0.1 port 19050
rdr on ng0 inet proto tcp from any to any port = 27041 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27041 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27041 -> 127.0.0.1 port 19051
rdr on ste0 inet proto udp from any to any port = 27041 -> 127.0.0.1 port 19052
rdr on ng0 inet proto tcp from any to any port = 27042 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27042 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27042 -> 127.0.0.1 port 19053
rdr on ste0 inet proto udp from any to any port = 27042 -> 127.0.0.1 port 19054
rdr on ng0 inet proto tcp from any to any port = 27043 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27043 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27043 -> 127.0.0.1 port 19055
rdr on ste0 inet proto udp from any to any port = 27043 -> 127.0.0.1 port 19056
rdr on ng0 inet proto tcp from any to any port = 27044 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27044 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27044 -> 127.0.0.1 port 19057
rdr on ste0 inet proto udp from any to any port = 27044 -> 127.0.0.1 port 19058
rdr on ng0 inet proto tcp from any to any port = 27045 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27045 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27045 -> 127.0.0.1 port 19059
rdr on ste0 inet proto udp from any to any port = 27045 -> 127.0.0.1 port 19060
rdr on ng0 inet proto tcp from any to any port = 27046 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 27046 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 27046 -> 127.0.0.1 port 19061
rdr on ste0 inet proto udp from any to any port = 27046 -> 127.0.0.1 port 19062
rdr on ng0 inet proto tcp from any to any port = ssh -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = ssh -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = ssh -> 127.0.0.1 port 19063
rdr on ste0 inet proto udp from any to any port = ssh -> 127.0.0.1 port 19064
rdr on ng0 inet proto tcp from any to any port = 10000 -> 192.168.200.1
rdr on ng0 inet proto udp from any to any port = 10000 -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = 10000 -> 127.0.0.1 port 19065
rdr on ste0 inet proto udp from any to any port = 10000 -> 127.0.0.1 port 19066
rdr on ng0 inet proto tcp from any to any port = ftp-data -> 192.168.200.1
rdr on ste0 inet proto tcp from any to any port = ftp-data -> 127.0.0.1 port 19067
rdr on ng0 inet proto tcp from any to any port = ftp -> 192.168.200.1
rdr-anchor "imspector" all
rdr-anchor "miniupnpd" all
rdr on ste0 inet proto tcp from any to (ste0) port = 3128 -> 127.0.0.1 port 3128 -
Вот это правильно
-
И при этом привильном ничего не работает. Работает только в том случае если я подниму до роутера pptp соединения….
-
И при этом привильном ничего не работает. Работает только в том случае если я подниму до роутера pptp соединения….
Я не знаю, как Nat reflection может влиять на pptp. Что в логах?
-
Я не знаю, как Nat reflection может влиять на pptp. Что в логах?
Да pptp здесь непричем. Я просто на нем привел пример когда рабоать начинает.
Проблема в том что когда я включаю Nat reflection, у меня и локальные ресурсы как не работати так и не работают, да и в предачу инет отваливаливается во всей локалки. Проблема в этом.. -
Какой именно лог нужен?
-
Может у меня установленные сервисы корячутся?
siproxd Proxy for handling NAT of multiple SIP devices to a single public IP. Running
havp Antivirus HTTP proxy Service Running
ntpd NTP clock sync RunningПричем siproxd, не редактировал, оставил дефолтные настройки.
-
Какой именно лог нужен?
Status->System logs.
И когда не работает, опять netstat -rn и ifconfig -
$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 217.197.255.32 UGS 0 111751935 ng0 127.0.0.1 127.0.0.1 UH 0 62461 lo0 192.168.200.0/24 link#2 UC 0 0 ste0 192.168.200.1 00:15:17:e5:72:77 UHLW 1 209916410 ste0 517 192.168.200.104 00:1d:60:d3:aa:04 UHLW 1 237364 ste0 1119 192.168.201.1 lo0 UHS 0 0 lo0 192.168.201.96 192.168.201.1 UH 0 20699 ng1 217.197.240.43 lo0 UHS 0 126 lo0 217.197.255.32 217.197.240.43 UH 1 4010 ng0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UHL lo0 fe80::%nfe0/64 link#1 UC nfe0 fe80::21d:60ff:fed3:aa04%nfe0 00:1d:60:d3:aa:04 UHL lo0 fe80::%ste0/64 link#2 UC ste0 fe80::22cf:30ff:feb6:c1b1%ste0 20:cf:30:b6:c1:b1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%ng0/64 link#7 UC ng0 fe80::21d:60ff:fed3:aa04%ng0 link#7 UHL lo0 fe80::%ng1/64 link#8 UC ng1 fe80::21d:60ff:fed3:aa04%ng1 link#8 UHL lo0 ff01:1::/32 link#1 UC nfe0 ff01:2::/32 link#2 UC ste0 ff01:3::/32 ::1 UC lo0 ff01:7::/32 link#7 UC ng0 ff01:8::/32 link#8 UC ng1 ff02::%nfe0/32 link#1 UC nfe0 ff02::%ste0/32 link#2 UC ste0 ff02::%lo0/32 ::1 UC lo0 ff02::%ng0/32 link#7 UC ng0 ff02::%ng1/32 link#8 UC ng1$ ifconfig nfe0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=14b <rxcsum,txcsum,vlan_mtu,polling,tso4>ether 00:1d:60:d3:aa:04 inet6 fe80::21d:60ff:fed3:aa04%nfe0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect (100baseTX <full-duplex>) status: active ste0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=48 <vlan_mtu,polling>ether 20:cf:30:b6:c1:b1 inet 192.168.200.254 netmask 0xffffff00 broadcast 192.168.200.255 inet6 fe80::22cf:30ff:feb6:c1b1%ste0 prefixlen 64 scopeid 0x2 media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 enc0: flags=0<> metric 0 mtu 1536 pflog0: flags=100 <promisc>metric 0 mtu 33204 pfsync0: flags=41 <up,running>metric 0 mtu 1460 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128 ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492 inet6 fe80::21d:60ff:fed3:aa04%ng0 prefixlen 64 scopeid 0x7 inet 217.197.240.43 --> 217.197.255.32 netmask 0xffffffff ng1: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1396 inet 192.168.201.1 --> 192.168.201.96 netmask 0xffffffff inet6 fe80::21d:60ff:fed3:aa04%ng1 prefixlen 64 scopeid 0x8 ng2: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng3: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng4: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng5: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng6: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng7: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng8: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng9: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng10: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng11: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng12: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng13: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng14: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng15: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500 ng16: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500</pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></up,pointopoint,running,noarp,simplex,multicast></up,pointopoint,running,noarp,simplex,multicast></up,running></promisc></up,loopback,running,multicast></full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,polling,tso4></up,broadcast,running,simplex,multicast>System logs.
Dec 9 23:41:57 syslogd: kernel boot file is /boot/kernel/kernel Dec 9 23:42:14 check_reload_status: starting sshd Dec 9 23:42:14 sshd[5809]: Received signal 15; terminating. Dec 9 23:42:14 sshd[1069]: Server listening on :: port 22\. Dec 9 23:42:14 sshd[1069]: Server listening on 0.0.0.0 port 22\. Dec 9 23:42:19 check_reload_status: reloading filter -
дык у тебя pptp-сервер запущен на pfSense, он никогда (ну хорошо - врядли) не будет работать вместе с pptp на WAN
-
Тоесть если я отключу pptp то у меня всо долно заработать?
-
Отключил pptp, не помлгло все то же самое.
$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 217.197.255.32 UGS 0 119152632 ng0 127.0.0.1 127.0.0.1 UH 0 63176 lo0 192.168.200.0/24 link#2 UC 0 0 ste0 192.168.200.1 00:15:17:e5:72:77 UHLW 1 215163027 ste0 1118 192.168.200.104 link#2 UHLW 1 56 ste0 217.197.240.43 lo0 UHS 0 252 lo0 217.197.255.32 217.197.240.43 UH 1 6700 ng0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UHL lo0 fe80::%nfe0/64 link#1 UC nfe0 fe80::21d:60ff:fed3:aa04%nfe0 00:1d:60:d3:aa:04 UHL lo0 fe80::%ste0/64 link#2 UC ste0 fe80::22cf:30ff:feb6:c1b1%ste0 20:cf:30:b6:c1:b1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%ng0/64 link#7 UC ng0 fe80::21d:60ff:fed3:aa04%ng0 link#7 UHL lo0 ff01:1::/32 link#1 UC nfe0 ff01:2::/32 link#2 UC ste0 ff01:3::/32 ::1 UC lo0 ff01:7::/32 link#7 UC ng0 ff02::%nfe0/32 link#1 UC nfe0 ff02::%ste0/32 link#2 UC ste0 ff02::%lo0/32 ::1 UC lo0 ff02::%ng0/32 link#7 UC ng0$ ifconfig nfe0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=14b <rxcsum,txcsum,vlan_mtu,polling,tso4>ether 00:1d:60:d3:aa:04 inet6 fe80::21d:60ff:fed3:aa04%nfe0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect (100baseTX <full-duplex>) status: active ste0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=48 <vlan_mtu,polling>ether 20:cf:30:b6:c1:b1 inet 192.168.200.254 netmask 0xffffff00 broadcast 192.168.200.255 inet6 fe80::22cf:30ff:feb6:c1b1%ste0 prefixlen 64 scopeid 0x2 media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 enc0: flags=0<> metric 0 mtu 1536 pflog0: flags=100 <promisc>metric 0 mtu 33204 pfsync0: flags=41 <up,running>metric 0 mtu 1460 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128 ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492 inet6 fe80::21d:60ff:fed3:aa04%ng0 prefixlen 64 scopeid 0x7 inet 217.197.240.43 --> 217.197.255.32 netmask 0xffffffff</up,pointopoint,running,noarp,simplex,multicast></up,running></promisc></up,loopback,running,multicast></full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,polling,tso4></up,broadcast,running,simplex,multicast>Dec 10 08:42:47 check_reload_status: starting sshd Dec 10 08:42:48 sshd[2256]: Received signal 15; terminating. Dec 10 08:42:48 sshd[52354]: Server listening on :: port 22. Dec 10 08:42:48 sshd[52354]: Server listening on 0.0.0.0 port 22. Dec 10 08:43:49 mpd: mpd: caught fatal signal term Dec 10 08:43:49 mpd: [pt0] IPCP: Down event Dec 10 08:43:49 mpd: [pt0] IFACE: Close event Dec 10 08:43:49 mpd: [pt1] IPCP: Down event Dec 10 08:43:49 mpd: [pt1] IFACE: Close event Dec 10 08:43:49 mpd: [pt2] IPCP: Down event Dec 10 08:43:49 mpd: [pt2] IFACE: Close event Dec 10 08:43:49 mpd: [pt3] IPCP: Down event Dec 10 08:43:49 mpd: [pt3] IFACE: Close event Dec 10 08:43:49 mpd: [pt4] IPCP: Down event Dec 10 08:43:49 mpd: [pt4] IFACE: Close event Dec 10 08:43:49 mpd: [pt5] IPCP: Down event Dec 10 08:43:49 mpd: [pt5] IFACE: Close event Dec 10 08:43:49 mpd: [pt6] IPCP: Down event Dec 10 08:43:49 mpd: [pt6] IFACE: Close event Dec 10 08:43:49 mpd: [pt7] IPCP: Down event Dec 10 08:43:49 mpd: [pt7] IFACE: Close event Dec 10 08:43:49 mpd: [pt8] IPCP: Down event Dec 10 08:43:49 mpd: [pt8] IFACE: Close event Dec 10 08:43:49 mpd: [pt9] IPCP: Down event Dec 10 08:43:49 mpd: [pt9] IFACE: Close event Dec 10 08:43:49 mpd: [pt10] IPCP: Down event Dec 10 08:43:49 mpd: [pt10] IFACE: Close event Dec 10 08:43:49 mpd: [pt11] IPCP: Down event Dec 10 08:43:49 mpd: [pt11] IFACE: Close event Dec 10 08:43:49 mpd: [pt12] IPCP: Down event Dec 10 08:43:49 mpd: [pt12] IFACE: Close event Dec 10 08:43:49 mpd: [pt13] IPCP: Down event Dec 10 08:43:49 mpd: [pt13] IFACE: Close event Dec 10 08:43:49 mpd: [pt14] IPCP: Down event Dec 10 08:43:49 mpd: [pt14] IFACE: Close event Dec 10 08:43:49 mpd: [pt15] IPCP: Down event Dec 10 08:43:49 mpd: [pt15] IFACE: Close event Dec 10 08:43:51 mpd: mpd: process 10295 terminated Dec 10 08:43:52 php: /vpn_pptp.php: Could not kill mpd within 3 seconds. Trying again. Dec 10 08:43:53 check_reload_status: reloading filter Dec 10 08:48:20 check_reload_status: reloading filter Dec 10 08:48:21 check_reload_status: starting sshd Dec 10 08:48:22 sshd[52354]: Received signal 15; terminating. Dec 10 08:48:22 sshd[54653]: Server listening on :: port 22. Dec 10 08:48:22 sshd[54653]: Server listening on 0.0.0.0 port 22. Dec 10 08:50:27 check_reload_status: reloading filter Dec 10 08:50:29 check_reload_status: starting sshd Dec 10 08:50:30 sshd[54653]: Received signal 15; terminating. Dec 10 08:50:30 sshd[55177]: Server listening on :: port 22. Dec 10 08:50:30 sshd[55177]: Server listening on 0.0.0.0 port 22.При отключеном pptp, все тоже самое, ни локалки, ни инета :'(
-
Сейчас всё правильно, как проверяешь локалку и интернет?
-
дык у тебя pptp-сервер запущен на pfSense, он никогда (ну хорошо - врядли) не будет работать вместе с pptp на WAN
все отлично работало.. вот только не помню коннекты были на pptp адрес или на серый
-
Я понять ничего не могу, Вы говорите что все нормально. Но когда я снимаю галочку с Disable NAT Reflection, у меня вообще все отваливается и локалка не работает и инет. :'( Я не понимаю в чем дело. Все настроил, все работает. Но вот локальные ресурсу никак. может Вам сбросить status.php? Там полная картина конфига.
-
как проверяешь локалку и интернет?
-
параметры сети
192.168.200.0/24
гейт 192.168.200.254 (Онже и pfSense)
DNS 192.168.200.1Захожу на 192.168.200.254
System: Advanced functions - Снимаю галочку с "Disable NAT Reflection", кликаю на "Save"
Захжу на комп с IP 192.168.200.145. Пытаюсь зайти на www.yandex.ru. Ничего он просто долго тупит…. Но так и не открывает сайт. Пытаюсьзайти на локальные ресурсы. Тоже самое, долго тупит, но страницу в этоге так и не открывает.Снимаю галочку на "Disable NAT Reflection" кликаю на "Save", интернет тут же появляются, локальные ресурсы все так же не отображаются.
Вто то что я делаю.
Я тут одному знакомому форумчанениу, который настраивал уже у себя этого зверька закинул свой конфиг на анализ status.php. И вот что получил в ответБегло пробежался. На сколько я понял, инет идёт через pppoe. Получается три интерфейса: локалка своя, локалка провайдера и виртуальный интерфейс с инетом. А в конфиге только два. Это уже наводит на мысли.
Кстати, может по этому rip так у мея и не заработал….